WannaCry update, guidance from Microsoft

May 16, 2017

Microsoft has issued the following alert to provide guidance regarding malware variously named WannaCrypt, WannaCry, WannaCryptor, or Wcry.

On May 12, 2017, many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Microsoft is working to ensure we are taking all possible actions to protect our customers.

Below we have given further details of the threat and steps every individual and business should take to stay protected.

In March, we released a security update which addresses the vulnerability that these attacks are exploiting. Unfortunately, the malware appears to have affected computers that have not applied the patch for these vulnerabilities.

While the attack is unfolding, we remind users to install MS17-010 if they have not already done so.

Microsoft antimalware telemetry constantly monitors for such threats, and alerted us to this attack. These systems gave us the visibility and context around the attach, allowing Windows Defender Antivirus to deliver real-time defence.

Through automated analysis, machine learning, and predictive modelling, we were able to protect many up-to-date systems against this malware.

Steps to prevent and protect against the threat

To get the latest protection from Microsoft, upgrade to Windows 10. Keeping your computers up-to-date gives you the benefits of the latest features and proactive mitigations built into the latest versions of Windows.

We recommend customers that have not yet installed the security update MS17-010 do so as soon as possible. Until you can apply the patch, we also recommend two possible workarounds to reduce the attack surface: